It's because predictionx.org isn't included in the "bulk" certificate shared by all OpenScholar sites and HarvardKey redirects you back to the site using https instead of http. Browsers must warn users when certificates don't match the site being visited to prevent site impersonation and man-in-the-middle attacks. Rather than trying to get HarvardKey to redirect using http, the domain name should be added to the certificate and it should use https 100% of the time, like every other OpenScholar site.

The procedures for adding a custom domain for an OpenScholar site should probably be updated to ensure the domain is covered by the certificate before it's enabled on OpenScholar. This should be true not only for non-harvard.edu domains like this one but any new tertiary domain names not already in the certificate (4th level domain names are already covered by wildcard entries, e.g. *.fas.harvard.edu).